I have been examining the Gazelle paper, which focuses on secure inference protocols. One section constructs a Garbled Circuit using inputs cx, sx, and sy to compute the ReLU function in neural networks. Here, sx represents the server's share of the input and cx stands for the client's share of the input data. The paper defines sx as x - r (where r is a random sequence used for masking x) and cx as r.
My understanding is that all operations within this circuit are carried out in modulo p. In the first block of the circuit, the shares are added to compute x - r + r = x. The second block appears to be performing the ReLU operation, comparing x with 0 and outputting the higher value.
However, I am struggling to comprehend the exact design details. I have the following questions:
- What is the purpose of the Trapeziums in the circuit? Are they like ports?
- In the second block, why is the modulus specified as p/2?
- Shouldn't the first input to the Trapezium in the second
block be 0 instead of p/2?
- I find it difficult to interpret the numerous branches in the first
and second blocks. For instance, in the first block following the
subtraction circuit, why does the line split into two separate
branches before entering the Trapezium? Aren't these two branches
carrying identical values? To clarify, I'll refer to these branches
as A and B. What about A' and B'?
I would greatly appreciate any insights into these design details.
